[tigerweeds]

this is exactly what I've been looking for. I was thinking of using a small truecrypt container with btsync but it wouldn't work well due to container size being always the same, sync being possible only after unmounting the TC container and so on.

[bigiain]

I've got EncFS encrypted filesystems on Dropbox, BTSync, GoogleDrive, and Jottacloud (a non-US based cloud storage provider). It's been working fine over the last month or so of testing. In MacOSX, I've got both EncFS over FUSE and the commercial BoxCryptor packaged version happly working together. I've got Ubuntu 9 & 12.04LTS, ARCH Linux on a RaspberryPi, and iOS on my phone and iPad all syncing some or all of those EncFS containers and successfully reading/writing them. I haven't tried, but I have no reason to doubt BoxCryptor will happily read/write those filesystems on Windows and Android.

One thing I particularly like about this setup, is that I can have encrypted data synced to a machine that doesn't have the decryption key (or even software) on it – my media server and a machine at work are "backing up" all that data without it being "exposed" even if a machine and disks get stolen/confiscated.

This is different to a truecrypt volume, in that the files are still discrete:

  [Bigs-MacBook-Pro:~/Dropbox/BoxCryptor-DB.bc] bigiain% ls -l
  total 7544
  -rw-r--r--@  1 bigiain  admin      625 12 Jun 10:59   !IMPORTANT BoxCryptor Information.txt
  -rw-r--r--@  1 bigiain  admin        0 12 Jun 11:07 Hmz6h72bplJbH1
  drwxr-xr-x@  3 bigiain  admin      102 12 Jul 18:01 QY7,wBj6mQwGV7OyD3Qbll8
  drwxr-xr-x  50 bigiain  admin     1700 23 Jul 22:21 WoVrJB-gyKVMm0
  -rw-r--r--@  1 bigiain  admin  3840262  6 Aug 09:40 Z8,UY5cp7Ux491OckZ9yXM2
  -rw-r--r--@  1 bigiain  admin    15364  7 Aug 21:25 nMrARYb-KDbdDj2

individual files can get synced as the change, without needing to re-sync the entire volume. On the downside, that means I leak some metadata, file sizes and modification dates, but not names or contents. I also lose the tryecrypt option of hidden volumes, but perhaps that's a plus in that they wont hit me with the $5 wrench insisting that there's _another_ password - even if there isn't…

[antirez]

I'm currently using a truecrypt tiny volume inside Dropbox, works but it is not really ideal. Conflicts resolution and a very long password to remember for the volume, that's the only way I can protect the data when it is synched on the Dropbox servers.

[geertj]

Exactly. By default Bluepass uses a long password as well to protect the local database. However, you can opt to choose a shorter password, or no password at all. In this case you are still protected by:

* The physical security of your device. Unless someone gets access to your device, you are safe.

* The fact that the sync traffic goes over your local network only.

* Even if someone managed to sniff your local traffic, all synchronization requests are encrypted by each node's unique 2048-bit RSA key. No dictionary attack is possible - you'd have to break RSA.